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1.Which of the following is typical of software licensing in the cloud? 

A. Per socket 

B. Perpetual 

C. Subscription-based 

D. Site-based 

Answer: C 

Explanation: 

Cloud software licensing refers to the process of managing and storing software 
licenses in the cloud. The benefits of cloud software licensing models are vast. The 
main and most attractive benefit has to do with the ease of use for software vendors 
and the ability to provide customizable cloud software license management based on 
customer needs and desires1. Cloud-based licensing gives software developers and 
vendors the opportunity to deliver software easily and quickly and gives customers full 
control over their licenses, their analytics, and more1. Cloud based, €ensing gives 
software sellers the ability to add subscription models to their rogfer of services1. 
Subscription models are one of the most popular forms of lic osing today1. Users 
sign up for a subscription (often based on various options al levels of use, features, 
etc.) and receive their licenses instantly1. ο 

Reference: 1 Everything You Need to Know about ορθὸ Licensing | Thales 
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2.A server administrator wants to run a perfaşffance monitor for optimal system 

utilization. «9 

Which of the following metrics can the a@thinistrator use for monitoring? (Choose 

two.) x 


© 
A. Memory Φ 
B. Page file 2 

, 4A 
C. Services κ. 
D. Application oo 
E. CPU e? 


F. Heartbeat Κι 

Answer: AE «ο 

Explanation: 

Memory and CPU are two metrics that can be used for monitoring system utilization. 
Memory refers to the amount of RAM that is available and used by the system and its 
processes. CPU refers to the percentage of processor time that is consumed by the 
system and its processes. Both memory and CPU can affect the performance and 
responsiveness of the system and its applications. Monitoring memory and CPU can 
help identify bottlenecks, resource contention, memory leaks, high load, etc. 


3.After configuring IP networking on a newly commissioned server, a server 
administrator installs a straight- through network cable from the patch panel to the 


switch. The administrator then returns to the server to test network connectivity using 
the ping command. 
The partial output of the ping and ipconfig commands are displayed below: 


ipconfig/all 


IPv4 address: 192.168.1.5 
Subnet mask: 255.255.255.0 
Default gateway: 192.168.1.2 


Pinging 192.168.1.2 with 32 bytes of data: 


Reply from 192.168.1.2: Request timed out 
Reply from 192.168.1.2: Request timed out 
Reply from 192.168.1.2: Request timed out 
Reply from 192.168.1.2: Request timed out 


φΡ 


The administrator returns to the switch andevtices an amber link light on the port 
where the server is connected. Φ 

Which of the following is the MOST idly reason for the lack of network connectivity? 
A. Network port security κ 

Β. An improper VLAN configurg#fon 

C. A misconfigured DHCP sgtver 

D. A misconfigured NIC ohe server 

Answer: D ᾳ΄ 

Explanation: 

A misconfigured Nic on the server is the most likely reason for the lack of network 
connectivity. ΤΗ͂Σ output of the ping command shows that the server is unable to 
reach its default gateway (10.0.0.1) or any other IP address on the network. The 
output of the ipconfig command shows that the server has a valid IP address 
(10.0.0.10) and subnet mask (255.255.255.0) but no default gateway configured. This 
indicates that there is a problem with the NIC settings on the server, such as an 
incorrect IP address, subnet mask, default gateway, DNS server, etc. A misconfigured 
NIC can also cause an amber link light on the switch port, which indicates a speed or 
duplex mismatch between the NIC and the switch. 


4.A user cannot save large files to a directory on a Linux server that was accepting 


smaller files a few minutes ago. 

Which of the following commands should a technician use to identify the issue? 

A. pvdisplay 

B. mount 

C. df -h 

D. fdisk -| 

Answer: C 

Explanation: 

The df -h command should be used to identify the issue of not being able to save 
large files to a directory on a Linux server. The df -h command displays disk space 
usage in human-readable format for all mounted file systems on the server. It shows 
the total size, used space, available space, percentage of use, and mount point of 
each file system. By using this command, a technician can check if these is enough 
free space on the file system where the directory is located or if it has reached its 


capacity limit. Κι 


ο 
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5.Following a recent power outage, a server in the datag@hter has been constantly 
going offline and losing its configuration. Users have b@én experiencing access 
issues while using the application on the server. Thé’server technician notices the 
data and time are incorrect when the server is odine. All other servers are working. 
Which of the following would MOST likely σαμθό this issue? (Choose two.) 
A. The server has a faulty power supply «5 
B. The server has a CMOS battery faile 
C. The server requires OS updates 2 
D. The server has a malfunctionin LED panel 
E. The servers do not have NIÆconfigured 
F. The time synchronizationgérvice is disabled on the servers 

Ὁ 
Answer: ΒΕ ὃ 
Explanation: e? 
The server has a νος battery failure and the time synchronization service is 
disabled on the g8rvers. The CMOS battery is a small battery on the motherboard that 
powers the BIGS settings and keeps track of the date and time when the server is 
powered off. If the CMOS battery fails, the server will lose its configuration and 
display an incorrect date and time when it is powered on. This can cause access 
issues for users and applications that rely on accurate time stamps. The time 
synchronization service is a service that synchronizes the system clock with a reliable 
external time source, such as a network time protocol (NTP) server. If the time 
synchronization service is disabled on the servers, they will not be able to update their 
clocks automatically and may drift out of sync with each other and with the network. 
This can also cause access issues for users and applications that require consistent 
and accurate time across the network. 


6.Α company has implemented a requirement to encrypt all the hard drives on its 
servers as part of a data loss prevention strategy. 
Which of the following should the company also perform as a data loss prevention 
method? 
A. Encrypt all network traffic 
B. Implement MFA on all the servers with encrypted data 
C. Block the servers from using an encrypted USB 
D. Implement port security on the switches 
Answer: B 
Explanation: 
The company should also implement MFA on all the servers with encrypted data as a 
data loss prevention method. MFA stands for multi-factor authenticatiga, which is a 
method of verifying a user’s identity by requiring two or more pieceg set evidence, 
such as something they know (e.g., a password), something theyhave (e.g., a token), 
or something they are (e.g., a fingerprint). MFA adds an extradayer of security to 
prevent unauthorized access to sensitive data, even if the rs password is 
compromised or stolen. Encrypting the hard drives on thé'Servers protects the data 
from being read or copied if the drives are physically gémoved or stolen, but it does 
not prevent unauthorized access to the data if the 4 user’s credentials are valid. 
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7.A systems administrator is setting up a oétver on a LAN that uses an address space 

that follows the RFC 1918 standard. φῦ 

Which of the following IP addresses should the administrator use to be in compliance 
Φ 


with the standard? | 


A. 11.251.196.241 2 
B. 171.245.198.241 e 
C. 172.16.19.241 Bs 

D. 193.168.145.241 9” 
Answer: C Κι 


Explanation: «9 

The administrator should use 172.16.19.241 as an IP address to be in compliance 
with RFC 1918 standard. RFC 1918 defines three ranges of IP addresses that are 
reserved for private internets, meaning they are not globally routable on the public 
Internet and can be used within an enterprise without any risk of conflict or overlap 
with other networks. 

These ranges are: 8.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 
(172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) 

Out of these ranges, only 172.16.19.241 falls within one of them (172.16/12 prefix). 
The other options are either public IP addresses that belong to other organizations or 
networks (11.251.196.241, 171.245.198.241) or invalid IP addresses that do not 
conform to any standard (193.168.145.241). 


Reference: https://whatis.techtarget.com/definition/RFC-1918 


8.An administrator needs to perform bare-metal maintenance on a server in a remote 
datacenter. 

Which of the following should the administrator use to access the server’s console? 
A. ΙΡ KVM 

B. VNC 

C. A crash cart 

D. RDP 

E. SSH 

Answer: A 

Explanation: Φ 

The administrator should use an IP KVM to access the server’s coggole remotely for 
bare-metal maintenance. An IP KVM stands for Internet Protocokeyboard Video 
Mouse, which is a device that allows remote control of a serves’ keyboard, video, 
and mouse over a network connection, such as LAN or Intefret. An ΙΡ KVM enables 
an administrator to perform tasks such as BIOS configugétion, boot sequence 
selection, operating system installation, etc., without,.géing physically present at the 
server location. Κα 

The other options are not suitable for bare-metal‘mnaintenance because they require 
either physical access to the server (a crasht) or an operating system running on 
the server (VNC, RDP, SSH). A crash carx® a mobile unit that contains a monitor, 
keyboard, mouse, and cables that cang®è’plugged into a server for direct access to its 
console. VNC stands for Virtual Netyrk Computing, which is a software that allows 
remote desktop sharing and contr@? over a network connection using a graphical user 
interface (GUI). RDP stands f emote Desktop Protocol, which is a protocol that 
allows remote desktop access and control over a network connection using a GUI or 
command-line interface (61 1). SSH stands for Secure Shell, which is a protocol that 
allows secure πως in and command execution over a network connection using 
a CLI. Ss 
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9.A technician needs to provide a VM with high availability. 

Which of the following actions should the technician take to complete this task as 
efficiently as possible? 

A. Take a snapshot of the original VM 

B. Clone the original VM 

C. Convert the original VM to use dynamic disks 

D. Perform a P2V of the original VM 

Answer: B 

Explanation: 

Cloning the original VM is the most efficient way to provide a VM with high availability. 


Cloning is the process of creating an exact copy of a VM, including its configuration, 
operating system, applications, and data. A cloned VM can be used as a backup or a 
replica of the original VM, and can be powered on and run independently. Cloning can 
be done quickly and easily using vSphere tools or other third-party software. By 
cloning the original VM and placing it on a different host server or availability zone, 
the technician can ensure that if the original VM fails, the cloned VM can take over its 
role and provide uninterrupted service to the users and applications. 


10.A server administrator receives a report that Ann, a new user, is unable to save a 
file to her home directory on a server. 

The administrator checks Ann’s home directory permissions and discovers the 
following: dr-xr-xr-- /home/Ann ¢ 

Which of the following commands should the administrator use to rgsblve the issue 
without granting unnecessary permissions? ορ 

A. chmod 777 /home/Ann ο 

B. chmod 666 /home/Ann Φ 
C. chmod 711 /home/Ann wr 

D. chmod 754 /home/Ann <S 
Answer: D ο 
Explanation: ý 
The administrator should use the command ghmod 754 /home/Ann to resolve the 
issue without granting unnecessary permissions. The chmod command is used to 
change the permissions of files and di ries on a Linux server. The permissions 
are represented by three numbers, gach ranging from 0 to 7, that correspond to the 
read ®, write (w), and execute (x),Bermissions for the owner, group, and others 
respectively. The numbers ar fAlculated by adding up the values of each permission: 
r=4,w=2, x =1. For example, 7 means rwx (4 + 2 + 1), 6 means rw- (4 + 2), 5 
means r-x (4 + 1), etc. Indfis case, Ann’s home directory has the permissions dr-xr- 
xrC, which means thakénly the owner (d) can read (8 and execute (x) the directory, 
and the group and,@ihers can only read ® and execute (x) but not write (w) to it. This 
prevents Ann fro’ saving files to her home directory. To fix this issue, the 
administrator sould grant write permission to the owner by using chmod 754 
/home/Ann, which means that the owner can read ®, write (w), and execute (x) the 
directory, the group can read ® and execute (x) but not write (w) to it, and others can 
only read ® but not write (w) or execute (x) it. This way, Ann can save files to her 
home directory without giving unnecessary permissions to others. 

Reference: https://linuxize.com/post/what-does-chmod-777-mean/ 


11.Which of the following documents would be useful when trying to restore IT 
infrastructure operations after a non-planned interruption? 
A. Service-level agreement 


B. Disaster recovery plan 
C. Business impact analysis 
D. Business continuity plan 
Answer: B 
Explanation: 
A disaster recovery plan would be useful when trying to restore IT infrastructure 
operations after a non-planned interruption. A disaster recovery plan is a document 
that outlines the steps and procedures to recover from a major disruption of IT 
services caused by natural or man-made disasters, such as fire, flood, earthquake, 
cyberattack, etc. 
A disaster recovery plan typically includes: 
A list of critical IT assets and resources that need to be protected and restored 
A list of roles and responsibilities of IT staff and stakeholders ο the recovery 
process Poe 
A list of backup and recovery strategies and tools for data, appigétions, servers, 
networks, etc. 
A list of communication channels and methods for ning es customers, 
vendors, etc. 
A list of testing and validation methods for ee tne functionality and integrity of 
restored systems 
A list of metrics and criteria for measuring the effectiveness and efficiency of the 
recovery process ο 
A disaster recovery plan helps IT ο... to minimize downtime, data loss, and 
financial impact of a disaster, as well 88410 resume normal operations as quickly as 
possible. 2 
Φ 
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12.A systems administrator, is setting up a new server that will be used as a DHCP 
server. The administratorjfstalls the OS but is then unable to log on using Active 
Directory credentials. Fhe administrator logs on using the local administrator account 
and verifies the se has the correct IP address, subnet mask, and default gateway. 
The administratg®then gets on another server and can ping the new server. 
Which of the following is causing the issue? 
A. Port 443 is not open on the firewall 
B. The server is experiencing a downstream failure 
C. The local hosts file is blank 
D. The server is not joined to the domain 
Answer: D 
Explanation: 
The server is not joined to the domain is causing the issue. A domain is a logical 
grouping of computers that share a common directory database and security policy on 
a network. Active Directory is a Microsoft technology that provides domain services 
for Windows-based computers. To use Active Directory credentials to log on to a 


server, the server must be joined to the domain that hosts Active Directory. If the 
server is not joined to the domain, it will not be able to authenticate with Active 
Directory and will only accept local accounts for logon. To join a server to a domain, 
the administrator must have a valid domain account with sufficient privileges and must 
know the name of the domain controller that hosts Active Directory. 


13.A systems administrator is preparing to install two servers in a single rack. The 
administrator is concerned that having both servers in one rack will increase the 
chance of power issues due to the increased load. 

Which of the following should the administrator implement FIRST to address the 
issue? 

A. Separate circuits Φ 

Β. An uninterruptible power supply rat 

C. Increased PDU capacity ορ 

D. Redundant power supplies 5 

Answer: A Φ 

Explanation: wr 
The administrator should implement separate circuits gist to address the issue of 
power issues due to the increased load. Separate gitcuits are electrical wiring 
systems that provide independent power sourceg for different devices or groups of 
devices. By using separate circuits, the admig#Strator can avoid overloading a single 
circuit with too many servers and reduce thé risk of power outages, surges, or fires. 
Separate circuits also provide ο. and fault tolerance, as a failure in one 
circuit will not affect the other oree 


¢ 
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14.Which of the following is a method that is used to prevent motor vehicles from 
getting too close to Ὀυ!!αϊβὸ entrances and exits? 

A. Bollards e? 

B. Reflective glass” 

C. Security guard 

D. Security carmeras 

Answer: A 

Explanation: 

Bollards are an example of a method that is used to prevent motor vehicles from 
getting too close to building entrances and exits. Bollards are short, sturdy posts that 
are installed on sidewalks, parking lots, or roads to create physical barriers and 
control traffic flow. Bollards can be used to protect pedestrians, buildings, or other 
structures from vehicle collisions or attacks. Bollards can be made of various 
materials, such as metal, concrete, or plastic, and can be fixed, removable, or 
retractable. 

Reference: https://en.wikipedia.org/wiki/Bollard 


15.A technician is installing a variety of servers in a rack. 

Which of the following is the BEST course of action for the technician to take while 
loading the rack? 

A. Alternate the direction of the airflow 

B. Install the heaviest server at the bottom of the rack 

C. Place a UPS at the top of the rack 

D. Leave 1U of space between each server 

Answer: B 

Explanation: 

The technician should install the heaviest server at the bottom of the rack to load the 
rack properly. Installing the heaviest server at the bottom of the rack hglps to balance 
the weight distribution and prevent the rack from tipping over or collapsing. Installing 
the heaviest server at the bottom of the rack also makes it easiegto access and 
service the server without lifting or moving it. Installing the he fest server at any 
other position in the rack could create instability and safety Rar 


« 

16.A technician is configuring a server that requires Secure remote access. 
Which of the following ports should the ἰροπηοϊβῚ use? 
A. 21 ο 
Β. 22 «9 
Ο. 28 Rx 
D. 443 ~ 

Φ 
Answer: B Φ 
Explanation: L 
The technician should use rt 22 to configure a server that requires secure remote 
access. Port 22 is the defgult port for Secure Shell (SSH), which is a protocol that 
allows secure remote 46gin and command execution over a network connection using 
a command-line interface (CLI). SSH encrypts both the authentication and data 
transmission beeen the client and the server, preventing eavesdropping, tampering, 
or spoofing. SSH can be used to perform various tasks on a server remotely, such as 
configuration, administration, maintenance, troubleshooting, etc. 


17.Α server administrator is using remote access to update a server. The 
administrator notices numerous error messages when using YUM to update the 
applications on a server. 

Which of the following should the administrator check FIRST? 

A. Network connectivity on the server 

B. LVM status on the server 

C. Disk space in the /var directory 


D. YUM dependencies 
Answer: D 


18.Which of the following is an example of load balancing? 

A. Round robin 

B. Active-active 

C. Active-passive 

D. Failover 

Answer: A 

Explanation: 

Round robin is an example of load balancing. Load balancing is the method of 
distributing network traffic equally across a pool of resources that support an 
application. Load balancing improves application availability, scalabittty, security, and 
performance by preventing any single resource from being overlgaded or unavailable. 
Round robin is a simple load balancing algorithm that assign each incoming request 
to the next available resource in a circular order. For oxangi, if there are three 
servers (A, B, C) in a load balancer pool, round robin wilkSend the first request to 
server A, the second request to server B, the third regsest to server C, the fourth 


request to server A again, and so on. © 
Reference: https://simplicable.com/new/load-balancing 
a 
κο 


19.Which of the following is the MOST.gpropriate scripting language to use for a 
logon script for a Linux box? 2 

A. VBS Φ 

Β. Shell κό 

C. Java οφ 

D. PowerShell ὃ 

Ε. Batch e? 

Answer: B Ý 

Explanation: «9 

Shell is the most appropriate scripting language to use for a logon script for a Linux 
box. Shell is a generic term for a command-line interpreter that allows users to 
interact with the operating system by typing commands and executing scripts. Shell 
scripts are files that contain a series of commands and instructions that can be 
executed by a shell. Shell scripts are commonly used for automating tasks, such as 
logon scripts that run when a user logs on to a system. There are different types of 
shells available for Linux systems, such as Bash, Ksh, Zsh, etc., but they all share a 
similar syntax and functionality. 


20.Which of the following tools will analyze network logs in real time to report on 


suspicious log events? 
A. Syslog 
B. DLP 
C. SIEM 
D. HIPS 
Answer: C 
Explanation: 
SIEM is the tool that will analyze network logs in real time to report on suspicious log 
events. SIEM stands for Security Information and Event Management, which is a 
software solution that collects, analyzes, and correlates log data from various 
sources, such as servers, firewalls, routers, antivirus software, etc. SIEM can detect 
anomalies, patterns, trends, and threats in the log data and generate alerts or reports 
for security monitoring and incident response. SIEM can also provide historical 
analysis and compliance reporting for audit purposes. rat 
Reference: https:/www.manageengine.com/products/eventlog/sy¥slog-server.htm| 
5 
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21.Which of the following will correctly map a script to 8 όπιο directory for a user 
based on username? 
A. \\server\users$\username © 
B. \\server\*%username% Φ 
C. \\server\FirstlnitialLastName g? 
D. \\server\$username$ «9 
Answer: Β Rx 
Explanation: 2 
The administrator should use \senfér%ousername% to correctly map a script to a 
home directory for a user basggön username. %username% is an environment 
variable that represents the eurrent user's name on a Windows system. By using this 
variable in the path of the’script, the administrator can dynamically map the script to 
the user’s home direcigry on the server. For example, if the user's name is John, the 
script will be mappe@dato \server\John. 
Reference: httpg#social.technet.microsoft.com/Forums/windows/en- 
US/07cfcb73-796d-48aa-96a9-08280a1 ef25a/ mapping-home-directory-with- 
username-variable?forum=w7itprogeneral 


22.A server that recently received hardware upgrades has begun to experience 
random BSOD conditions. 

Which of the following are likely causes of the issue? (Choose two.) 

A. Faulty memory 

B. Data partition error 

C. Incorrectly seated memory 

D. Incompatible disk speed 


E. Uninitialized disk 
F. Overallocated memory 
Answer: AC 
Explanation: 
Faulty memory and incorrectly seated memory are likely causes of the random BSOD 
conditions on the server. Memory is one of the most common hardware components 
that can cause BSOD (Blue Screen of Death) errors on Windows systems. BSOD 
errors occur when the system encounters a fatal error that prevents it from continuing 
to operate normally. Memory errors can be caused by faulty or incompatible memory 
modules that have physical defects or manufacturing flaws. Memory errors can also 
be caused by incorrectly seated memory modules that are not properly inserted or 
locked into the memory slots on the motherboard. This can result in loose or poor 
connections between the memory modules and the motherboard. ¢ 
ο΄ 
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23.A server administrator has configured a web server. se 
Which of the following does the administrator need to instalFto make the website 
trusted? ο 
Α. ΡΚΙ ο 
B. SSL s 
C. LDAP o 
D. DNS R? 
Answer: B «9 
Explanation: D 
The administrator needs to install 555 to make the website trusted. SSL stands for 
Secure Sockets Layer, which is arféncryption-based Internet security protocol that 
ensures privacy, authenticatioggand data integrity in web communications. SSL 
enables HTTPS (Hypertext &ransfer Protocol Secure), which is a secure version of 
HTTP (Hypertext TransfetProtocol) that encrypts the data exchanged between a web 
browser and a web segter. SSL also uses digital certificates to verify the identity of 
the web server and@établish trust with the web browser. A web server that 
implements SSI fas HTTPS in its URL instead of HTTP and displays a padlock icon 
or a green bar ff the browser’s address bar. 


24.A technician is attempting to update a server’s firmware. After inserting the media 
for the firmware and restarting the server, the machine starts normally into the OS. 
Which of the following should the technician do NEXT to install the firmware? 

A. Press F8 to enter safe mode 

B. Boot from the media 

C. Enable HIDS on the server 

D. Log in with an administrative account 

Answer: B 


Explanation: 

The technician should boot from the media to install the firmware on the server. 
Firmware is a type of software that controls the low-level functions of hardware 
devices, such as BIOS (Basic Input/Output System), RAID controllers, network cards, 
etc. Firmware updates are often provided by hardware manufacturers to fix bugs, 
improve performance, or add new features to their devices. To install firmware 
updates on a server, the technician needs to boot from a media device (Such as a CD- 
ROM, DVD-ROM, USB flash drive, etc.) that contains the firmware files and 
installation program. The technician cannot install firmware updates from within the 
operating system because firmware updates often require restarting or resetting the 
hardware devices. 


25.A server administrator mounted a new hard disk on a Linux syste with a mount 
point of /newdisk. ορ 
It was later determined that users were unable to create dire tories or files on the new 
mount point. e 
Which of the following commands would successfully mgùnt the drive with the 
required parameters? oS 
A. echo /newdisk >> /etc/fstab P 
B. net use /newdisk Φ 
b 
C. mount Co remount, rw /newdisk R? 
D. mount Ca «9 
Answer: C ΑΔ 
Explanation: 2 
The administrator should use the Æmmand mount Co remount,rw /newdisk to 
successfully mount the drive with the required parameters. The mount command is 
used to mount file systems @n Linux systems. The Co option specifies options for 
mounting file systems. The remount option re-mounts an already mounted file system 
with different options. (he rw option mounts a file system with read-write permissions. 
In this case, /newdigk is a mount point for a new hard disk that was mounted with 
read-only permigSions by default. To allow users to create directories or files on 
/newdisk, the administrator needs to re-mount / 
Reference: https://unix.stackexchange.com/ 


26.Which of the following BEST describes the concept of right to downgrade? 

A. It allows for the return of a new OS license if the newer OS is not compatible with 
the currently installed software and is returning to the previously used OS 

B. It allows a server to run on fewer resources than what is outlined in the minimum 
requirements document without purchasing a license 

C. It allows for a previous version of an OS to be deployed in a test environment for 
each current license that is purchased 


D. It allows a previous version of an OS to be installed and covered by the same 
license as the newer version 
Answer: D 
Explanation: 
The concept of right to downgrade allows a previous version of an OS to be installed 
and covered by the same license as the newer version. For example, if a customer 
has a license for Windows 10 Pro, they can choose to install Windows 8.1 Pro or 
Windows 7 Professional instead and still be compliant with the license terms. 
Downgrade rights are granted by Microsoft for certain products and programs, such 
as Windows and Windows Server software acquired through Commercial Licensing, 
OEM, or retail channels. Downgrade rights are intended to provide customers with 
flexibility and compatibility when using Microsoft software. 
ών 

27.A server administrator needs to harden a server by only allowiag secure traffic and 
DNS inquiries. 5 
A port scan reports the following ports are open: Φ 
A. 21 ar 
B. 22 F 
C. 23 ο 
D. 53 o 
E. 443 a 
F. 636 «9 
Answer: ABC Rx 

% 


28.Which of the following opep,ports should be closed to secure the server properly? 
(Choose two.) ΜΝ, 

Α. 21 & 

B. 22 ᾳ΄ 

C. 23 σ᾽ 
D. 53 ee 

E. 443 

F. 636 

Answer: AC 
Explanation: 

The administrator should close ports 21 and 23 to secure the server properly. Port 21 
is used for FTP (File Transfer Protocol), which is an unsecure protocol that allows file 
transfer between a client and a server over a network connection. FTP does not 
encrypt the data or the credentials that are transmitted, making them vulnerable to 
interception or modification by attackers. Port 23 is used for Telnet, which is an 
unsecure protocol that allows remote login and command execution over a network 
connection using a CLI. Telnet does not encrypt the data or the credentials that are 


transmitted, making them vulnerable to interception or modification by attackers. 
Reference: https://www.csoonline.com/article/3191531/securing-risky-network- 
ports.html 


29.Which of the following must a server administrator do to ensure data on the SAN is 
not compromised if it is leaked? 
A. Encrypt the data that is leaving the SAN 

B. Encrypt the data at rest 
C. Encrypt the host servers 

D. Encrypt all the network traffic 
Answer: B 

Explanation: Φ 
The administrator must encrypt the data at rest to ensure data on the’SAN is not 
compromised if it is leaked. Data at rest refers to data that is stogd on a device or a 
medium, such as a hard drive, a flash drive, or a SAN (Stora e Area Network). Data 
at rest can be leaked if the device or the medium is lost, stofen, or accessed by 
unauthorized parties. Encrypting data at rest means αρρλ πο an algorithm that 
transforms the data into an unreadable format that casonly be decrypted with a key. 
Encryption protects data at rest from being expos r misused by attackers who may 
obtain the device or the medium. 3 

a 
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30.A server technician has been askedy® upload a few files from the internal web 
server to the internal FTP server. Thetechnician logs in to the web server using 
PuTTY, but the connection to the ΤΡ server fails. However, the FTP connection from 
the technician’s workstation ig s@?cessful. To troubleshoot the issue, the technician 
executes the following comraand on both the web server and the workstation: 
ping ftp.acme.local Θ᾽ 
The ΙΡ address in the gommand output is different on each machine. 
Which of the followifg is the MOST likely reason for the connection failure? 
A. A misconfiguéa firewall 

B.A misconfiguted hosts.deny file 
C. A misconfigured hosts file 

D. A misconfigured hosts.allow file 
Answer: C 


31.A company deploys antivirus, anti-malware, and firewalls that can be assumed to 
be functioning properly. 

Which of the following is the MOST likely system vulnerability? 

A. Insider threat 

B. Worms 


C. Ransomware 

D. Open ports 

E. Two-person integrity 

Answer: A 

Explanation: 

Insider threat is the most likely system vulnerability in a company that deploys 
antivirus, anti-malware, and firewalls that can be assumed to be functioning properly. 
An insider threat is a malicious or negligent act by an authorized user of a system or 
network that compromises the security or integrity of the system or network. An 
insider threat can include data theft, sabotage, espionage, fraud, or other types of 
attacks. Antivirus, anti-malware, and firewalls are security tools that can protect a 
system or network from external threats, such as viruses, worms, ransomware, or 
open ports. However, these tools cannot prevent an insider threat frompexploiting their 
access privileges or credentials to harm the system or network. ra 
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32.A security analyst suspects a remote server is running yélherable network 
applications. The analyst does not have administrative entials for the server. 
Which of the following would MOST likely help the anafyst determine if the 
applications are running? ο 
A. User account control 3 
B. Anti-malware ο 
C. A sniffer «9 
D. A port scanner we? 
Answer: D 2 
Explanation: ο 


A port scanner is the tool that,yweuld most likely help the analyst determine if the 
applications are running οη 8 remote server. A port scanner is a software tool that 
scans a network device fg¥ open ports. Ports are logical endpoints for network 
communication that argassociated with specific applications or services. By scanning 
the ports on a remeteé server, the analyst can identify what applications or services 
are running on thst server and what protocols they are using. A port scanner can also 
help detect poténtial vulnerabilities or misconfigurations on a server. 


33.A server is performing slowly, and users are reporting issues connecting to the 
application on that server. Upon investigation, the server administrator notices several 
unauthorized services running on that server that are successfully communicating to 
an external site. 

Which of the following are MOST likely causing the issue? (Choose two.) 

A. Adware is installed on the users’ devices 

B. The firewall rule for the server is misconfigured 

C. The server is infected with a virus 


D. Intrusion detection is enabled on the network 

E. Unnecessary services are disabled on the server 
F. SELinux is enabled on the server 

Answer: BC 


34.A server technician is configuring the IP address on a newly installed server. The 
documented configuration specifies using an IP address of 10.20.10.15 and a default 
gateway of 10.20.10.254. 

Which of the following subnet masks would be appropriate for this setup? 

A. 255.255.255.0 

B. 255.255.255.128 


C. 255.255.255.240 Φ 
D. 255.255.255.254 ο 
Answer: A ορ 


Explanation: © 


The administrator should use a subnet mask of 255.255.2 ο for this setup. A subnet 
mask is a binary number that defines how many bits of afIP address are used for the 
network portion and how many bits are used for the hgSt portion. The network portion 
identifies the specific network that the IP address kongs to, while the host portion 
identifies the specific device within that networks fhe subnet mask is usually written in 
dotted decimal notation, where each octet raptésents eight bits of the binary number. 
A 1 in the binary number means that the cePresponding bit in the IP address is part of 
the network portion, while a 0 means thet ït is part of the host portion. For example, a 
subnet mask of 255.255.255.0 means*that the first 24 bits (three octets) of the IP 
address are used for the network fdrtion and the last 8 bits (one octet) are used for 
the host portion. This subnet mask allows up to 254 hosts per network (248 - 2). In 
this case, the IP address οί ἆ 20.10.15 and the default gateway οἱ 10.20.10.254 
belong to the same netwe¢fk of 10.20.10.0/24 (where /24 indicates the number of bits 
used for the network ppirtion), which can be defined by using a subnet mask of 
255.255.255.0. ο 


vy 
x 


35.A storage administrator is investigating an issue with a failed hard drive. A 
technician replaced the drive in the storage array; however, there is still an issue with 
the logical volume. 

Which of the following best describes the NEXT step that should be completed to 
restore the volume? 

A. Initialize the volume 

B. Format the volume 

C. Replace the volume 

D. Rebuild the volume 

Answer: D 


Explanation: 

The administrator should rebuild the volume to restore it after replacing the failed hard 
drive. A volume is a logical unit of storage that can span across multiple physical 
disks. A volume can be configured with different levels of RAID (Redundant Array of 
Independent Disks) to provide fault tolerance and performance enhancement. When a 
hard drive in a RAID volume fails, the data on that drive can be reconstructed from 
the remaining drives using parity or mirroring techniques. However, this process 
requires a new hard drive to replace the failed one and a rebuild operation to copy the 
data from the existing drives to the new one. Rebuilding a volume can take a long 
time depending on the size and speed of the drives and the RAID level. 


36.A large number of connections to port 80 is discovered while reviewing the log files 


on a server. The server is not functioning as a web server. 47 

Which of the following represent the BEST immediate actions ἰοῴγενεηί unauthorized 
server access? (Choose two.) 5 

A. Audit all group privileges and permissions Φ 


Β. Run a checksum tool against all the files on the serv y 
C. Stop all unneeded services and block the ports οπ4βό firewall 
D. Initialize a port scan on the server to identify ope ports 


E. Enable port forwarding on port 80 Png 
F. Install a NIDS on the server to prevent negwork intrusions 
Answer: AD «9 
ΓΩ 
5 


37.A company is running an appliätion on a file server. A security scan reports the 
application has a known vulnerability. 

Which of the following woul@be the company’s BEST course of action? 

A. Upgrade the applicatigt package 

B. Tighten the rules orthe firewall 

C. Install antivirus software 

D. Patch the seyér OS 

Answer: A 9 

Explanation: 

The best course of action for the company is to upgrade the application package to fix 
the known vulnerability. A vulnerability is a weakness or flaw in an application that can 
be exploited by an attacker to compromise the security or functionality of the system. 
Upgrading the application package means installing a newer version of the application 
that has patched or resolved the vulnerability. This way, the company can prevent 
potential attacks that may exploit the vulnerability and cause damage or loss. 


38.A technician runs top on a dual-core server and notes the following conditions: 


top C- 14:32:27, 364 days, 14 users load average 60.5 12.4 13.6 
Which of the following actions should the administrator take? 
A. Schedule a mandatory reboot of the server 
B. Wait for the load average to come back down on its own 
C. Identify the runaway process or processes 
D. Request that users log off the server 
Answer: C 
Explanation: 
The administrator should identify the runaway process or processes that are causing 
high load average on the server. Load average is a metric that indicates how many 
processes are either running on or waiting for the CPU at any given time. A high load 
average means that there are more processes than available CPU cores, resulting in 
poor performance and slow response time. A runaway process is a process that 
consumes excessive CPU resources without terminating or releasipg“them. A 
runaway process can be caused by various factors, such as programming errors, 
infinite loops, memory leaks, etc. To identify a runaway procegs, the administrator can 
use tools such as top, ps, or htop to monitor CPU usage ang rocess status. To stop 
a runaway process, the administrator can use commands*such as kill, pkill, or killall to 
send signals to terminate it. oe 

ο΄ 
39.A technician needs to set up a server backtip method for some systems. The 
company’s management team wants to hase quick restores but minimize the amount 
of backup media required. D 
Which of the following are the BESTackup methods to use to support the 
management's priorities? (Choosétwo.) 
A. Differential ΕΙ 


ae 
B. Synthetic full Ν΄ 
C. Archive ὃ 
D. Full e? 


E. Incremental 

F. Open file 9΄ 
Ρ ; ο 

Answer: AB 


40.Ann, an administrator, is configuring a two-node cluster that will be deployed. To 
check the cluster’s functionality, she shuts down the active node. Cluster behavior is 
as expected, and the passive node is now active. Ann powers on the server again 
and wants to return to the original configuration. 

Which of the following cluster features will allow Ann to complete this task? 

A. Heartbeat 

B. Failback 

C. Redundancy 


D. Load balancing 
Answer: B 
Explanation: 
The cluster feature that will allow Ann to complete her task is failback. A cluster is a 
group of servers that work together to provide high availability, scalability, and load 
balancing for applications or services. A cluster can have different nodes or members 
that have different roles or states. An active node is a node that is currently running 
an application or service and serving requests from clients. A passive node is a node 
that is on standby and ready to take over if the active node fails. A failover is a 
process of switching from a failed or unavailable node to another node in a cluster. A 
failback is a process of switching back from a failover node to the original node after it 
becomes available again. Failback can be automatic or manual depending on the 
cluster configuration. <$ 
ο΄ 
ορ 
41.Which of the following policies would be BEST to deter a Re-force login attack? 
A. Password complexity ο 
B. Password reuse ο 
C. Account age threshold «ἲ 
D. Account lockout threshold 
Answer: D Φ 
Explanation: g? 
The best policy to deter a brute-force loginsAttack is account lockout threshold. A 
brute-force login attack is a type of atta that tries to guess a user’s password by 
trying different combinations of chargéters until it finds the correct one. This attack 
can be performed manually or witfPautomated tools that use dictionaries, wordlists, or 
algorithms. An account locko tffireshold is a policy that specifies how many failed 
login attempts are allowed be ore an account is locked out temporarily or 
permanently. This policy prevents an attacker from trying unlimited password guesses 
and reduces the changé% of finding the correct password. 
S 
ο 
42.Α techniciarrneeds to install a Type 1 hypervisor on a server. The server has SD 
card slots, a SAS controller, and a SATA controller, and it is attached to a NAS. 
On which of the following drive types should the technician install the hypervisor? 
A. SD card 
B. NAS drive 
C. SATA drive 
D. SAS drive 
Answer: D 
Explanation: 
The technician should install the Type 1 hypervisor on a SAS drive. A Type 1 
hypervisor is a layer of software that runs directly on top of the physical hardware and 


creates virtual machines that share the hardware resources. A Type 1 hypervisor 
requires fast and reliable storage for optimal performance and stability. A SAS drive is 
a type of hard disk drive that uses Serial Attached SCSI (SAS) as its interface 
protocol. SAS drives offer high speed, low latency, and high reliability compared to 
other types of drives, such as SD cards, NAS drives, or SATA drives. SD cards are 
flash memory cards that offer low cost and portability but have low speed, low 
capacity, and low durability. NAS drives are network-attached storage devices that 
offer high capacity and easy access but have high latency and low reliability due to 
network dependency. SATA drives are hard disk drives that use Serial ATA (SATA) 
as their interface protocol. SATA drives offer moderate speed, moderate cost, and 
moderate reliability but have lower performance and durability than SAS drives. 


43.A technician is trying to determine the reason why a Linux serves not 
communicating on a network. ορ 

The returned network configuration is as follows: © 

ethO: flags=4163<UP, BROADCAST, RUNNING, ΜυΙ τις > mtu 1500 inet 
127.0.0.1 network 255.255.0.0 broadcast 127.0.0.1 «» 

Which of the following BEST describes what is happesing? 

A. The server is configured to use DHCP ona network that has multiple scope 
options X 

B. The server is configured to use DHCP, b ές DHCP server is sending an 
incorrect subnet mask «9 

C. The server is configured to use DHQP bn a network that does not have a DHCP 
server 2 

D. The server is configured to use®HOP, but the DHCP server is sending an 
incorrect MTU setting 
Answer: C Φ 
Explanation: ὢ 
The reason why the Lightx server is not communicating on a network is that it is 
configured to use P on a network that does not have a DHCP server. DHCP 
(Dynamic Host @Snfiguration Protocol) is a protocol that allows a client device to 
obtain an IP ad@ress and other network configuration parameters from a DHCP 
server automatically. However, if there is no DHCP server on the network, the client 
device will not be able to obtain a valid IP address and will assign itself a link-local 
address instead. A link-local address is an IP address that is only valid within a local 
network segment and cannot be used for communication outside of it. A link-local 
address has a prefix of 169.254/16 in IPv4 or fe80::/10 in IPv6. In this case, the Linux 
server has assigned itself a link-local address of 127.0.0.1, which is also known as 
the loopback address. The loopback address is used for testing and troubleshooting 
purposes and refers to the device itself. It cannot be used for communication with 
other devices on the network. 


44.A server technician is deploying a server with eight hard drives. The server 
specifications call for a RAID configuration that can handle up to two drive failures but 
also allow for the least amount of drive space lost to RAID overhead. 

Which of the following RAID levels should the technician configure for this drive 
array? 

A. RAID 0 

B. RAID 5 

C. RAID 6 

D. RAID 10 

Answer: C 

Explanation: 

The technician should configure RAID 6 for this drive array to meet theserver 
specifications. RAID 6 is a type of RAID level that provides fault tolesance and 
performance enhancement by using striping and dual parity. Striging means dividing 
data into blocks and distributing them across multiple disks to@icrease speed and 
capacity. Parity means calculating and storing extra informa on that can be used to 
reconstruct data in case of disk failure. RAID 6 uses twagsets of parity information for 
each stripe, which are stored on different disks. This way, RAID 6 can handle up to 
two disk failures without losing any data or functionality. RAID 6 also allows for the 
least amount of drive space lost to RAID overhead compared to other RAID levels 
that can handle two disk failures, such as RAIS 1+0 or RAID 0+1. 


Reference: https:/Avww.booleanworld.corPaid-levels-explained/ 
Φ 
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45.Which of the following should a administrator use to transfer log files from a Linux 
server to a Windows workstatjgf? 

A. Telnet Ν΄ 

B. Robocopy ὃ 
C. XCOPY Q 
D. SCP σ᾽ 
Answer: D ee 
Explanation: 

The administrator should use SCP to transfer log files from a Linux server to a 
Windows workstation. SCP (Secure Copy Protocol) is a protocol that allows secure 
file transfer between two devices using SSH (Secure Shell) encryption. SCP can 
transfer files between different operating systems, such as Linux and Windows, as 
long as both devices have an SSH client installed. SCP can also preserve file 
attributes, such as permissions and timestamps, during the transfer. 


46.Users in an office lost access to a file server following a short power outage. The 
server administrator noticed the server was powered off. 


Which of the following should the administrator do to prevent this situation in the 
future? 

A. Connect the server to a KVM 

B. Use cable management 

C. Connect the server to a redundant network 

D. Connect the server to a UPS 

Answer: D 

Explanation: 

The administrator should connect the server to a UPS to prevent this situation in the 
future. A UPS (Uninterruptible Power Supply) is a device that provides backup power 
to a server or other device in case of a power outage or surge. A UPS typically 
consists of one or more batteries and an inverter that converts the battery power into 
AC power that the server can use. A UPS can also protect the server fgom power 


fluctuations that can damage its components or cause data corruptian. By connecting 
the server to a UPS, the administrator can ensure that the servegwill continue to run 
or shut down gracefully during a power failure. 5 
O 
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47.Which of the following describes the installation ofa OS contained entirely within 
another OS installation? Pies 
A. Host oS 
B. Bridge a 
C. Hypervisor «9 
D. Guest Rx 
Answer: D 2 
Explanation: Φ 


The installation of an OS contaipied entirely within another OS installation is described 
as a guest. A guest is a tern that refers to a virtual machine (VM) that runs on top of a 
host operating system (08) using a hypervisor or a virtualization software. A guest 
can have a different osthan the host, and can run multiple applications or services 
independently frome host. A guest can also be isolated from the host and other 
guests for security or testing purposes. 


48.A server technician is installing a Windows server OS on a physical server. The 
specifications for the installation call for a 4TB data volume. 

To ensure the partition is available to the OS, the technician must verify the: 

A. hardware is UEFI compliant 

B. volume is formatted as GPT 

C. volume is formatted as MBR 

D. volume is spanned across multiple physical disk drives 

Answer: A B 


49.An administrator is configuring a server that will host a high-performance financial 
application. 

Which of the following disk types will serve this purpose? 

A. SAS SSD 

B. SATA SSD 

C. SAS drive with 10000rpm 

D. SATA drive with 15000rpm 

Answer: A 

Explanation: 

The best disk type for a high-performance financial application is a SAS SSD. A SAS 
SSD (Serial Attached SCSI Solid State Drive) is a type of storage device that uses 
flash memory chips to store data and has a SAS interface to connect tẹ 8 server or a 
storage array. A SAS SSD offers high speed, low latency, high ΓΘΙΙΒΒΙΠΥ, and high 
durability compared to other types of disks, such as SATA SSDs¥SAS HDDs, or 
SATA HDDs. A SAS SSD can handle high I/O workloads an Sliver consistent 
performance for applications that require fast data access μη processing. 


Reference: https://|www.hp.com/us-en/shop/tech-takes/s@8-vs-sata 
oÔ 
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50.Which of the following DR testing scenarios igdescribed as verbally walking 
through each step of the DR plan in the context of a meeting? 
A. Live failover «9 
Β. Simulated failover κα 
C. Asynchronous 2 
D. Tabletop Φ 
Answer: D κό 
Explanation: Ν΄ 
The DR testing scenario Hat is described as verbally walking through each step of the 
DR plan in the contexk6f a meeting is tabletop. A tabletop test is a type of disaster 
recovery (DR) test gat involves discussing and reviewing the DR plan with key 
stakeholders angSarticipants in a simulated scenario. A tabletop test does not involve 
any actual exeCution of the DR plan or any disruption of the normal operations. A 
tabletop test can help identify gaps, issues, or inconsistencies in the DR plan and 
improve communication and coordination among the DR team members. 


51.When configuring networking on a VM, which of the following methods would allow 
multiple VMs to share the same host IP address? 

A. Bridged 

B. NAT 

C. Host only 

D. vSwitch 


Answer: B 

Explanation: 

The method that would allow multiple VMs to share the same host IP address is NAT. 
NAT (Network Address Translation) is a technique that allows multiple devices to use 
a single public IP address by mapping their private IP addresses to different port 
numbers. NAT can be used for VM networking to enable multiple VMs on the same 
host to access the internet or other networks using the host’s IP address. NAT can 
also provide security benefits by hiding the VMs’ private IP addresses from external 
networks. 

Reference: https://www. virtualbox.org/manual/ch06.html 


52.A technician recently upgraded several pieces of firmware on a seryer. Ever since 
the technician rebooted the server, it no longer communicates with network. 
Which of the following should the technician do FIRST to return e server to service 
as soon as possible? 5 

A. Replace the NIC Φ 

Β. Make sure the NIC is on the HCL ar 

C. Reseat the NIC & 

D. Downgrade the NIC firmware 
Answer: D Φ 
Explanation: R? 
The first thing that the technician should deo return the server to service as soon as 
possible is downgrade the NIC firmwar@?Firmware is a type of software that controls 
the basic functions of hardware devigés, such as network interface cards (NICs). 
Firmware updates can provide bugfixes, performance improvements, or new features 
for hardware devices. Howevestirmware updates can also cause compatibility 
issues, configuration errors,@r functionality failures if they are not installed properly or 
if they are not compatibleWith the device model or driver version. Downgrading the 
firmware means revertifg to an older version of firmware that was previously working 
fine on the device. @owngrading the firmware can help resolve any problems caused 
by a faulty Πππηνιρῦθ update and restore normal operation of the device. 


53.A server administrator has noticed that the storage utilization on a file server is 
growing faster than planned. The administrator wants to ensure that, in the future, 
there is a more direct relationship between the number of users using the server and 
the amount of space that might be used. 

Which of the following would BEST enable this correlation? 

A. Partitioning 

B. Deduplication 

C. Disk quotas 

D. Compression 


Answer: C 

Explanation: 

The best way to ensure that there is a more direct relationship between the number of 
users using the server and the amount of space that might be used is to implement 
disk quotas. Disk quotas are a feature that allows a server administrator to limit the 
amount of disk space that each user or group can use on a file server. Disk quotas 
can help manage storage utilization, prevent disk space exhaustion, and enforce fair 
usage policies. Disk quotas can also provide reports and alerts on disk space usage 
and quota status. 


54.A server administrator needs to keep a copy of an important fileshare that can be 


used to restore the share as quickly as possible. ¢ 
Which of the following is the BEST solution? rat 
A. Copy the fileshare to an LTO-4 tape drive ορ 


B. Configure a new incremental backup job for the fileshare © 
C. Create an additional partition and move a copy of the fi are 


D. Create a snapshot of the fileshare ο 
l 9 

Answer: D oS 

Explanation: P 


The best solution to keep a copy of an important 'flleshare that can be used to restore 
the share as quickly as possible is to create anapshot of the fileshare. A snapshot is 
a point-in-time copy of a file system or a vefume that captures the state and data of 
the fileshare at a specific moment. A sa@pshot can be created instantly and with 
minimal overhead, as it only stores tae changes made to the fileshare after the 
snapshot was taken. A snapshot ¢&n be used to restore the fileshare to its previous 
state in case of data loss or copfiiption. 

Φ 
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55.Which οἱ the followatg can be BEST described as the amount of time a company 
can afford to be dagh during recovery from an outage? 

A. SLA ee 

B. MTBF 

C.RTO 

D. MTTR 

Answer: C 

Explanation: 

The term that best describes the amount of time a company can afford to be down 
during recovery from an outage is RTO. RTO (Recovery Time Objective) is a metric 
that defines the maximum acceptable downtime for an application, system, or process 
after a disaster or disruption. RTO helps determine the level of urgency and resources 
required for restoring normal business operations. RTO is usually measured in 
minutes, hours, or days, depending on the criticality and impact of the service. 


Reference: https://whatis.techtarget.com/definition/recovery-time-objective-RTO 


56.Which of the following actions should a server administrator take once a new 
backup scheme has been configured? 

A. Overwrite the backups 

B. Clone the configuration 

C. Run a restore test 

D. Check the media integrity 

Answer: C 

Explanation: 

The action that the server administrator should take once a new backup scheme has 
been configured is to run a restore test. A restore test is a process of yẹrifying that the 
backup data can be successfully recovered and restored to its οΠοΙΩΗ! location or a 
different location. A restore test can help ensure that the ο αν. eme is working 
properly, that the backup data is valid and consistent, and thatthere are no errors or 
issues during the recovery process. A restore test should Re erformed periodically 


and after any changes to the backup configuration or enyironment. 
oS 
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57.A systems administrator is performing maintghance on 12 Windows servers that 
are in different racks at a large datacenter. Q? 
Which of the following would allow the administrator to perform maintenance on all 12 
servers without having to physically bet each server? (Choose two.) 


A. Remote desktop 2 
B. IP KVM Φ 
C. A console connection 2 


D. A virtual administration console 

᾽ «Ὁ 
E. Remote drive access g 
F. A crash cart οἱ 
Answer: AB ον 
Explanation: «9 
The methods tffat would allow the administrator to perform maintenance on all 12 
servers without having to physically be at each server are remote desktop and IP 
KVM. Remote desktop is a feature that allows a user to access and control another 
computer over a network using a graphical user interface (GUI). Remote desktop can 
enable remote administration, troubleshooting, and maintenance of servers without 
requiring physical presence at the server location. IP KVM (Internet Protocol 
Keyboard Video Mouse) is a device that allows a user to access and control multiple 
servers over a network using a single keyboard, monitor, and mouse. IP KVM can 
provide remote access to servers regardless of their operating system or power state, 
and can also support virtual media and serial console functions. 
Reference: https://www.blackbox.be/en-be/page/27559/Resources/T echnical- 


Resources/Black-Box-Explains/kvm/ Benefits-of-using-KVM-over-IP 


58.A server administrator is experiencing difficulty configuring MySQL on a Linux 
server. The administrator issues the getenforce command and receives the following 
output: ># Enforcing 
Which of the following commands should the administrator issue to configure MySQL 
successfully? 
A. setenforce 0 
B. setenforce permissive 
C. setenforce 1 
D. setenforce disabled 
Answer: A ¢ 
ο. Φ 
Explanation: gg 
The command that the administrator should issue to configure MYSQL successfully is 
setenforce 0. This command sets the SELinux en es Linux) mode to 
permissive, which means that SELinux will not enforce its 54 urity policies and will 
only log any violations. SELinux is a feature that a ey access control 
(MAC) for Linux systems, which can enhance the seqyfity and prevent unauthorized 
access or modification of files and processes. HoweVer, SELinux can also interfere 
with some applications or services that require specific permissions or ports that are 
not allowed by SELinux by default. In this cage, MySQL may not be able to run 
properly due to SELinux restrictions. To resdlve this issue, the administrator can 
either disable SELinux temporarily by ο... 0, or permanently by editing 
the /etc/selinux/config file and settingsSELINUX=disabled. Alternatively, the 
administrator can configure SELin& to allow MySQL to run by using commands such 
as semanage or setsebool. 2 
Reference: https://blogs.oraele.com/mysql/selinux-and-mysq|-v2 
ὃ 
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59.Which of the follwing backup types only records changes to the data blocks on a 
virtual machine {> 
A. Differential ? 
B. Snapshot 
C. Incremental 
D. Synthetic full 
Answer: C 


60.Which of the following server types would benefit MOST from the use of a load 
balancer? 

A. DNS server 

B. File server 


C. DHCP server 

D. Web server 

Answer: D 

Explanation: 

The server type that would benefit most from the use of a load balancer is web server. 
A web server is a server that hosts web applications or websites and responds to 
requests from web browsers or clients. A load balancer is a device or software that 
distributes network traffic across multiple servers based on various criteria, such as 
availability, capacity, or performance. A load balancer can improve the scalability, 
reliability, and performance of web servers by balancing the workload and preventing 
any single server from being overloaded or unavailable. 

Reference: https://www.dnsstuff.com/what-is-server-load-balancing 


g 
61.A company uses a hot-site, disaster-recovery model. ορ 
Which of the following types οἱ data replication is required? 5 
A. Asynchronous Φ 
Β. Incremental «Σ᾽ 
Ο. Application consistent 
D. Constant P 
Answer: D 3 
Explanation: ο 


The type of data replication that is requiredfor a hot-site disaster recovery model is 
constant. A hot site is a type of disast covery site that has fully operational IT 
infrastructure and equipment that captake over the primary site’s functions 
immediately in case of a disaster δρ disruption. A hot site requires constant data 
replication between the primarysite and the hot site to ensure that the data is up-to- 
date and consistent. Constaat data replication means that any changes made to the 
data at the primary site ag immediately copied to the hot site without any delay or 


lag. $ 
g ο 


62.A techniciarris unable to access a server's package repository internally or 
externally. 

Which of the following are the MOST likely reasons? (Choose two.) 

A. The server has an architecture mismatch 

B. The system time is not synchronized 

C. The technician does not have sufficient privileges 

D. The external firewall is blocking access 

E. The default gateway is incorrect 

F. The local system log file is full 

Answer: C D 


63.A server administrator was asked to build a storage array with the highest possible 
capacity. 

Which of the following RAID levels should the administrator choose? 

A. RAID 0 

B. RAID 1 

C. RAID 5 

D. RAID 6 

Answer: A 

Explanation: 

The RAID level that provides the highest possible capacity for a storage array is RAID 
0. RAID 0 is a type of RAID level that provides performance enhancement by using 
striping. Striping means dividing data into blocks and distributing themacross multiple 
disks to increase speed and capacity. RAID 0 does not provide any,4ault tolerance or 
redundancy, as it does not use any parity or mirroring techniqueg?RAID 0 uses all of 
the available disk space for data storage, without losing any gpace for overhead. 
Therefore, RAID 0 provides the highest possible capacity {ora storage array, but also 
has the highest risk of data loss. g 

Reference: https:/www.thinkmate. com/inside/articlesgat-i is-raid 


L 
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64.A company's security team has noticed egployees seem to be blocking the door in 

the main data center when they are worp on equipment to avoid having to gain 

access each time. 

Which of the following should be D ii to force the employees to enter the 

data center properly? Φ 


A. A security camera 2 
4a 

B. A mantrap Ν΄ 

Ο. A security guard of 

D. A proximity card κ 

Answer: B ΚΙ 


Explanation: «9 

A mantrap is a Security device that consists of two interlocking doors that allow only 
one person to enter at a time. A mantrap would prevent employees from blocking the 
door in the main data center and force them to enter properly using their credentials. 
The other options would not enforce proper entry to the data center 


65.A technician needs to deploy an operating system that would optimize server 
resources. 

Which of the following server installation methods would BEST meet this 
requirement? 

A. Full 


B. Bare metal 

C. Core 

D. GUI 

Answer: C 

Explanation: 

The server installation method that would optimize server resources is core. Core is a 
minimal installation option that is available for some operating systems, such as 
Windows Server and Linux. Core installs only the essential components and features 
of the operating system, without any graphical user interface (GUI) or other 
unnecessary services or applications. Core reduces the disk footprint, memory usage, 
CPU consumption, and attack surface of the server, making it more efficient and 
secure. Core can be managed remotely using command-line tools, PowerShell, or 


GUI tools. ¢ 
Reference: https://docs.microsoft.com/en-us/windows- ο 
server/administration/performance-tuning/hardware/ ορ 
κ. 
Φ 


66.A company’s IDS has identified outbound traffic frome of the web servers 
coming over port 389 to an outside address. This serg&ř only hosts websites. The 


company’s SOC administrator has asked a technici to harden this server. 
Which of the following would be the BEST way t complete this request? 
A. Disable port 389 on the server ο 


B. Move traffic from port 389 to port 443 ᾧ 
C. Move traffic from port 389 to port 63%? 
D. Enable port 389 for web traffic „2 
Answer: A Φ 
Explanation: go 
The best way to complete the request to harden the server is to disable port 389 on 
the server. Port 389 is theWefault port used by LDAP (Lightweight Directory Access 
Protocol), which is a focol that allows access and modification of directory services 
over a network. ee be used for authentication, authorization, or information 
retrieval purpos@$’ However, LDAP does not encrypt its data by default, which can 
expose sensitive information or credentials to attackers who can intercept or modify 
the network traffic. Therefore, port 389 should be disabled on a web server that only 
hosts websites and does not need LDAP functionality. Alternatively, port 636 can be 
used instead of port 389 to enable LDAPS (LDAP over SSL/TLS), which encrypts the 


data using SSL/TLS certificates. 


67.Which of the following would be BEST to help protect an organization against 
social engineering? 

A. More complex passwords 

B. Recurring training and support 


C. Single sign-on 
D. An updated code of conduct to enforce social media 
Answer: B 
Explanation: 
The best way to protect an organization against social engineering is to provide 
recurring training and support. Social engineering is a type of attack that exploits 
human psychology and behavior to manipulate people into divulging confidential 
information or performing malicious actions. Social engineering can take various 
forms, such as phishing emails, phone calls, impersonation, baiting, or quid pro quo. 
The best defense against social engineering is to educate and empower the 
employees to recognize and avoid common social engineering techniques and report 
any suspicious activities or incidents. Recurring training and support can help raise 
awareness and reinforce best practices among the employees. ¢ 
ο΄ 

ορ 
68.A technician is connecting a server’s secondary NIC to a separate network. The 
technician connects the cable to the switch but then does pót see any link lights on 
the NIC. The technician confirms there is nothing wrong on the network or with the 


physical connection. δα 
Which of the following should the technician perforgrNEXT? 
A. Restart the server 3 
B. Configure the network on the server ο 
C. Enable the port on the server «9 
D. Check the DHCP configuration Rx 
Answer: B 2 
ay 


Φ 
Φ 
69.Which οἱ the following waia MOST likely be part of the user authentication 
process when implementig SAML across multiple applications? 
A. SSO e? 


B. LDAP σ᾽ 
C.TACACS „S 

D. MFA 2 
Answer: A 
Explanation: 


The term that is most likely part of the user authentication process when 
implementing SAML across multiple applications is SSO. SSO (Single Sign-On) is a 
way for users to be authenticated for multiple applications and services at once. With 
SSO, a user signs in at a single login screen and can then use a number of apps 
without having to enter their credentials again. SSO improves user experience and 
security by reducing password fatigue and phishing risks. SAML (Security Assertion 
Markup Language) is a protocol that enables SSO by providing a standardized way to 
exchange authentication and authorization data between an identity provider (ΙΩΡ) 


and a service provider (SP). SAML uses XML-based messages called assertions to 
communicate user identity and attributes between parties. 
Reference: https://www.onelogin.com/learn/how-single-sign-on-works 


70.A server administrator needs to check remotely for unnecessary running services 
across 12 servers. 

Which of the following tools should the administrator use? 

A. DLP 

B. A port scanner 

C. Anti-malware 


D. A sniffer 

Answer: B ¢ 
Explanation: ο 

The tool that the administrator should use to check for unnecessgy running services 
across 12 servers is a port scanner. A port scanner is a tool scans a network 


device for open ports and identifies the services or applicati s that are running on 
those ports. A port scanner can help detect any unauthofžed or unwanted services 
that may pose a security risk or consume network regstirces. A port scanner can also 
help troubleshoot network connectivity issues or verity firewall rules. 
Reference: https://www.getsafeonline.org/busing’ss/articles/unnecessary-services/ 
a 

κο 
71.A company is building a new datacavter next to a busy parking lot. 
Which of the following is the BEST stategy to ensure wayward vehicle traffic does not 
interfere with datacenter operation€? 
A. Install security cameras ον 
B. Utilize security guards $ 


C. Install bollards Θ᾽ 
D. Install a mantrap οἳ 
Answer: C κ. 


Explanation: «9 

The best strategy to ensure wayward vehicle traffic does not interfere with datacenter 
operations is to install bollards. Bollards are sturdy posts that are installed around a 
perimeter to prevent vehicles from entering or crashing into a protected area. Bollards 
can provide physical security and deterrence for datacenters that are located near 
busy roads or parking lots. Bollards can also prevent accidental damage or injury 
caused by vehicles that lose control or have faulty brakes. 


72.A technician has been asked to check on a SAN. Upon arrival, the technician 
notices the red LED indicator shows a disk has failed. 
Which of the following should the technician do NEXT, given the disk is hot 


swappable? 

A. Stop sharing the volume 

B. Replace the disk 

C. Shut down the SAN 

D. Stop all connections to the volume 

Answer: B 

Explanation: 

The next thing that the technician should do, given the disk is hot swappable, is to 
replace the disk. A hot swappable disk is a disk that can be removed and replaced 
without shutting down the system or affecting its operation. A hot swappable disk is 
typically used in a storage array that has RAID (Redundant Array of Independent 
Disks) configuration that provides fault tolerance and redundancy. If a disk fails in a 
RAID array, it can be replaced by a new disk without interrupting the service or losing 
any data. The new disk will automatically rebuild itself using the datafrom the other 


disks in the array. Κι 


ο 
δε 

73.Network connectivity to a server was lost when it wag@illed from the rack during 

maintenance. oS 

Which of the following should the server administrator use to prevent this situation in 

the future? 3 

A. Cable management g? 

B. Rail kits «9 

C. A wireless connection Rx 

D. A power distribution unit 2 

Answer: A Φ 

Explanation: 2 

The server administrator shod use cable management to prevent network 

connectivity loss when puing a server from the rack during maintenance. Cable 

management is 8 praetiee of organizing and securing the cables that connect various 

devices and compefents in a system. Cable management can help improve airflow, 

reduce τν παι tangling, and avoid accidental disconnection or damage of 

cables. Cable management can be done using various tools and techniques, such as 

cable ties, cable trays, cable labels, cable organizers, or cable ducts. 


74.Which of the following access control methodologies can be described BEST as 
allowing a user the least access based on the jobs the user needs to perform? 

A. Scope-based 

B. Role-based 

C. Location-based 

D. Rule-based 

Answer: B 


Explanation: 

The access control methodology that can be described best as allowing a user the 
least access based on the jobs the user needs to perform is role-based access 
control (RBAC). RBAC is an access control method that assigns permissions to users 
based on their roles or functions within an organization. RBAC provides fine-grained 
and manageable access control by defining what actions each role can perform and 
what resources each role can access. RBAC follows the principle of least privilege, 
which means that users are only granted the minimum level of access required to 
perform their tasks. RBAC can reduce security risks, simplify administration, and 
enforce compliance policies. 


75.A datacenter technician is attempting to troubleshoot a server that keeps crashing. 
The server runs normally for approximately five minutes, but then itefashes. After 
restoring the server to operation, the same cycle repeats. The tegnician confirms 
none of the configurations have changed, and the load on thestrver is steady from 
power-on until the crash. κ’ 

Which of the following will MOST likely resolve the issue 

A. Reseating any expansion cards in the server eo 

B. Replacing the failing hard drive Po 

C. Reinstalling the heat sink with new thermal pašte 

D. Restoring the server from the latest full bagKup 

Answer: C «9 

Explanation: D 

The most likely solution to resolve théissue of the server crashing after running 
normally for approximately five mifùtes is to reinstall the heat sink with new thermal 
paste. A heat sink is a device àt dissipates heat from a component, such as a 
processor or a graphics card, y transferring it to a cooling medium, such as air or 
liquid. A heat sink is usuaffy attached to the component using thermal paste, which is 
a substance that fills tké’gaps between the heat sink and the component and 
improves thermal ductivity. Thermal paste can degrade over time and lose its 
effectiveness, resulting in overheating and performance issues. If a server crashes 
after running for a short period of time, it may indicate that the processor is 
overheating due to insufficient cooling. To resolve this issue, the technician should 
remove the heat sink, clean the old thermal paste, apply new thermal paste, and 
reinstall the heat sink. 


76.A server administrator is exporting Windows system files before patching and 
saving them to the following location: 

\\server1\ITDept\ 

Which of the following is a storage protocol that the administrator is MOST likely using 
to save this data? 


A. eSATA 

B. FCoE 

C. CIFS 

D. SAS 
Answer: C 

Explanation: 
The storage protocol that the administrator is most likely using to save data to the 
location \server1\ITDept\ is CIFS. CIFS (Common Internet File System) is a protocol 
that allows file sharing and remote access over a network. CIFS is based on SMB 
(Server Message Block), which is a protocol that enables communication between 
devices on a network. CIFS uses UNC (Universal Naming Convention) paths to 
identify network resources, such as files or folders. A UNC path has the format 
\servername\sharename\path\filename. In this case, server1 is the name of the 
server, |TDept is the name of the shared folder, and \ is the path within the shared 
folder. ορ 

κ. 
9 
77.A server technician has received reports of databasedidate errors. The technician 
checks the server logs and determines the database is*éxperiencing synchronization 
errors. Ps 
To attempt to correct the errors, the technician sftould FIRST ensure: 
A. the correct firewall zone is active ο 

B. the latest firmware was applied «9 

C. NTP is running on the database syge 

D. the correct dependencies are inst@Hed 
Answer: C Φ 

Explanation: go 
The first thing that the technician should ensure to correct the database 
synchronization errors is tat NTP is running on the database system. NTP (Network 
Time Protocol) is a pratocol that synchronizes the clocks of network devices with a 
reference time so , such as an atomic clock or a GPS receiver. NTP ensures that 
all devices on afétwork have accurate and consistent time settings, which can affect 
various functiorfs and applications. Database synchronization is a process of 
maintaining data consistency and integrity across multiple database servers or 
instances. Database synchronization can depend on accurate time settings, as time 
stamps are often used to determine which data is newer or older, and which data 
should be updated or overwritten. If NTP is not running on the database system, it 
may cause time drift or discrepancy between different database servers or instances, 
which can result in synchronization errors or data conflicts. 


78.A technician is connecting a Linux server to a share on a NAS. 
Which of the following is the MOST appropriate native protocol to use for this task? 


A. CIFS 

B. FTP 

C. SFTP 

D. NFS 

Answer: D 

Explanation: 

The most appropriate native protocol to use for connecting a Linux server to a share 
on a NAS is NFS. NFS (Network File System) is a protocol that allows file sharing and 
remote access over a network. NFS is designed for Unix-like operating systems, such 
as Linux, and supports features such as symbolic links, hard links, file locking, and file 
permissions. NFS uses mount points to attach remote file systems to local file 
systems, making them appear as if they are part of the local file system. NFS can 
provide fast and reliable access to files stored on a NAS (Network Attaghed Storage), 
which is a device that provides centralized storage for network devigds. 


ss 
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79.A server in a remote datacenter is no longer responsive.® 
Which of the following is the BEST solution to ivestigatg tis failure? 
A. Remote desktop oS 
B. Access via a crash cart P 
C. Out-of-band management 3 
D. A Secure Shell connection ο 
Answer: C «9 
Explanation: D 


The best solution to investigate the fatture of a server in a remote datacenter is out-of- 
band management. Out-of-band nfanagement is a method of accessing and 
controlling a server ora devicg,esing a dedicated channel that is separate from its 
normal network connection, @ut-of-band management can use various technologies, 
such as serial ports, modéms, KVM switches, or dedicated management cards or 
interfaces. Out-of-ba anagement can provide remote access to servers or 
devices even whengey are powered off, unresponsive, or disconnected from the 
network. Out-of Maind management can enable troubleshooting, configuration, 
maintenance, OF recovery tasks without requiring physical presence at the server 
location. 

Reference: https://www.lantronix.com/wp- 
content/uploads/pdf/Data_Center_Mgmt_WP.pdf 


80.A server is reporting a hard drive S.M.A.R.T. error. When a technician checks on 
the drive, however, it 

appears that all drives in the server are functioning normally. 

Which of the following is the reason for this issue? 

A. AS.M.A.R.T. error is a predictive failure notice. The drive will fail in the near future 


and should be replaced at the next earliest time possible 
B. AS.M.A.R.T. error is a write operation error. It has detected that the write sent to 
the drive was incorrectly formatted and has requested a retransmission of the write 
from the controller 
C.AS.M.A.R.T. error is simply a bad sector. The drive has marked the sector as bad 
and will continue to function properly 
D. AS.M.A.R.T. error is an ECC error. Due to error checking and correcting, the drive 
has corrected the missing bit and completed the write operation correctly. 
Answer: A 
Explanation: 
A S.M.A.R.T. error is a predictive failure notice. The drive will fail in the near future 
and should be replaced at the next earliest time possible. S.M.A.R.T. (Self-Monitoring, 
Analysis and Reporting Technology) is a feature that monitors the health and 
performance of hard drives and alerts the user of any potential propigins or failures. 
S.M.A.R.T. can detect various indicators of drive degradation, syéh as bad sectors, 
read/write errors, temperature, or spin-up time. If a S.M.A.R. error is reported, it 
means that the drive has exceeded a predefined κος acceptable operation 
and is likely to fail soon. The drive may still function normally for a while, but it is 
recommended to back up the data and replace the drivé as soon as possible to avoid 
data loss or system downtime. B 
© 

oe 
81.A server administrator has been creating new VMs one by one. The administrator 
notices the system requirements are very'similar, even with different applications. 
Which of the following would help thgadministrator accomplish this task in the 
SHORTEST amount of time and nfet the system requirements? 
A. Snapshot o 


ae «ὦ 
Β. Deduplication οφ 
C. System Restore of 
D. Template e? 
Answer: D Κι 


Explanation: («9 

The method that would help the administrator accomplish the task of creating new 
VMs in the shortest amount of time and meet the system requirements is template. A 
template is a preconfigured virtual machine image that contains an operating system, 
applications, settings, and other components. A template can be used to create 
multiple identical or customized VMs quickly and easily, without having to install and 
configure each VM from scratch. A template can save time and ensure consistency 
across VMs. 


82.Which of the following steps in the troubleshooting theory should be performed 
after a solution has been implemented? (Choose two.) 


A. Perform a root cause analysis 

B. Develop a plan of action 

C. Document the findings 

D. Escalate the issue 

E. Scope the issue 

F. Notify the users 

Answer: CF 

Explanation: 

The steps in the troubleshooting theory that should be performed after a solution has 
been implemented are document the findings and notify the users. The 
troubleshooting theory is a systematic process of identifying and resolving problems 
or issues with a system or device. 

The troubleshooting theory consists of several steps that can be summarized as 
follows: Φ 

Identify the problem: Gather information, scope the issue, establigh a theory of 
probable cause. 5 

Establish a plan of action: Test the theory, determine next sf€ps, escalate if 
necessary. g 
Implement the solution: Execute the plan, verify functignality, prevent recurrence. 
Document the findings: Record actions taken, outcemnes achieved, lessons learned. 
Notify the users: Communicate resolution status,“confirm satisfaction, provide follow- 
up. Documenting the findings is an importank$fep that helps create a record of what 
was done and why, what worked and whakdidn’t, and what can be improved or 
avoided in the future. Documenting th dings can also help with reporting, auditing, 
compliance, or training purposes. Notifying the users is another important step that 
helps inform the affected parties ofwhat was done and how it was resolved, confirm 
that the problem is fixed and that they are satisfied with the outcome, and provide any 
follow-up instructions or recemmendations. 


N 
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83.Which of the follwing allows for a connection of devices to both sides inside of a 
blade enclosureg> 
A. Midplane 


B. Active backplane 

C. Passive backplane 

D. Management module 

Answer: A 

Explanation: 

The component that allows for a connection of devices to both sides inside of a blade 
enclosure is midplane. A midplane is a board or panel that connects two sets of 
connectors or devices in parallel with each other. A midplane is typically used in blade 
enclosures or chassis to provide power and data connections between blade servers 
on one side and power supplies, cooling fans, switches, or management modules on 


the other side. A midplane can also act as a backplane by providing bus signals or 
communication channels between devices. 


84.A snapshot is a feature that can be used in hypervisors to: 
A. roll back firmware updates. 
B. restore to a previous version. 
C. roll back application drivers. 
D. perform a backup restore. 
Answer: B 
Explanation: 
A snapshot is a feature that can be used in hypervisors to restore to a previous 
version. A snapshot is a point-in-time copy of a virtual machine (VM) that captures the 
state and data of the VM at a specific moment. A snapshot can be gréated instantly 
and with minimal overhead, as it only stores the changes made tthe VM after the 
snapshot was taken. A snapshot can be used to restore the yao its previous state in 
case of data loss or corruption. Φ 

a” 
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85.A server administrator needs to deploy five VMg All of which must have the same 
type of configuration. 3 
Which of the following would be the MOST effidient way to perform this task? 
A. Snapshot a VM. «9 
B. Use a physical host. κα 
C. Perform a P2V conversion. 2 
D. Use a VM template. Φ 
Answer: D 2 
Explanation: ο 
Deploying a virtual machifé from a template creates a virtual machine that is a copy 
of the template. The new virtual machine has the virtual hardware, installed software, 
and other propertiegsthat are configured for the template. 
Reference: httpg#docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.v 
m_admin.doc/G@UID-8254CD05-CC06-491 D-BA56-A773A32A8130.html 
The most efficient way to perform the task of deploying five VMs with the same type 
of configuration is to use a VM template. A template is a preconfigured virtual 
machine image that contains an operating system, applications, settings, and other 
components. A template can be used to create multiple identical or customized VMs 
quickly and easily, without having to install and configure each VM from scratch. A 
template can save time and ensure consistency across VMs. 


86.A global organization keeps personnel application servers that are local to each 
country. However, a security audit shows these application servers are accessible 


from sites in other countries. 

Which of the following hardening techniques should the organization use to restrict 
access to only sites that are in the same country? 

A. Configure a firewall 

B. Close the unneeded ports 

C. Install 8 HIDS 

D. Disable unneeded services. 

Answer: A 

Explanation: 

Monitors Network Traffic 

Reference: https://www.fortinet.com/resources/cyberglossary/benefits-of-firewall 


87. The Chief Information Officer (CIO) of a datacenter is concern ot 
transmissions from the building can be detected from the outside? 
Which of the following would resolve this concern? (Choose ws.) 

A. RFID Φ 

Β. Proximity readers wr 

C. Signal blocking 

D. Camouflage ῷ 
Ε. Reflective glass Φ 
F. Bollards R? 
Answer: C, E xO 
Explanation: 
The best solutions to resolve the congern of transmissions from the building being 
detected from outside are signal bfécking and reflective glass. Signal blocking is a 
method of preventing or ntefa with electromagnetic signals from escaping or 
entering a certain area. Signal blocking can be achieved by using various materials or 
devices that create physigal barriers or generate noise or jamming signals. Signal 
blocking can protect deta transmissions from being intercepted or eavesdropped by 
unauthorized partię® Reflective glass is a type of glass that has a coating or film that 
reflects light angfeat. Reflective glass can reduce glare and solar radiation, as well 
as prevent visual observation from outside. Reflective glass can enhance privacy and 
security for datacenter operations. 


88.A server administrator is configuring the IP address on a newly provisioned server 
in the testing environment. 
The network VLANs are configured as follows: 


5 | Active switchports 


The administrator configures the IP address for the new server as follows: 
IP address: 192.168.1.1/24 

Default gateway: 192.168.10.1 

A ping sent to the default gateway is not successful. 

Which of the following IP address/default gateway combinations should the 
administrator have used for the new server? 

A. IP address: 192.168.10.2/24 


Default gateway: 192.168.10.1 κα 
B. IP address: 192.168.1.2/24 ο 
Default gateway: 192.168.10.1 σ᾽ 

C. ΙΡ address: 192.168.10.3/24 X 


Default gateway: 192.168.20.1 


PP 
D. IP address: 192.168.10.24/24 s 
Default gateway: 192.168.30.1 S 
Answer: A xe 
Explanation: Θ᾽ 


The ΙΡ address/default gateway combinatiorefhat the administrator should have used 
for the new server is IP address: 192.168. 10.2/24 and Default gateway: 192.168.10.1. 
The IP address and the default gatewapof a device must be in the same subnet to 
communicate with each other. A subhet is a logical division of a network that allows 
devices to share a common prefix Of their IP addresses. The subnet mask determines 
how many bits of the IP address are used for the network prefix and how many bits 
are used for the host identifiér. A /24 subnet mask means that the first 24 bits of the 
IP address are used for spe network prefix and the last 8 bits are used for the host 
identifier. Therefore, y IP address that has the same first 24 bits as the default 
gateway belongs tothe same subnet. In this case, the default gateway has an IP 
address of De 0.1/24, which means that any IP address that starts with 
192.168.10.x/24 belongs to the same subnet. The new server has an IP address of 
192.168.1.1/24, which does not match the first 24 bits of the default gateway, so it 
belongs to a different subnet and cannot communicate with the default gateway. To 
fix this issue, the administrator should change the IP address of the new server to an 
unused IP address that starts with 192.168.10.x/24, such as 192.168.10.2/24. 


89.A server administrator is configuring a new server that will hold large amounts of 

information. The server will need to be accessed by multiple users at the same time. 
Which of the following server roles will the administrator MOST likely need to install? 
A. Messaging 


B. Application 
C. Print 
D. Database 
Answer: D 
Explanation: 
Few people are expected to use the database at the same time and users don’t need 
to customize the design of the database. 
Reference: https://support.microsoft.com/en-us/office/ways-to-share-an-access- 
desktop-database-03822632-da43-4d8f-ba2a-68da245a0446 
The server role that the administrator will most likely need to install for a server that 
will hold large amounts of information and will need to be accessed by multiple users 
at the same time is database. A database is a collection of structured data that can be 
stored, queried, manipulated, and analyzed using various methods ang tools. A 
database server is a server that hosts one or more databases and provides access to 
them over a network. A database server can handle large amouefs of information and 
support concurrent requests from multiple users or applications: 

D 


ar 

90.Users at a company work with highly sensitive datg® The security department 
implemented an administrative and technical contrefo enforce least-privilege access 
assigned to files. However, the security departragnt has discovered unauthorized data 
exfiltration. ο 
Which of the following is the BEST way to #stotect the data from leaking? 
A. Utilize privacy screens. Re 
B. Implement disk quotas. 2 
C. Install a DLP solution. Φ 
D. Enforce the lock-screen feae. 
Answer: C Φ 

| «Ὁ 
Explanation: ὃ 
Components of a Datat‘oss Solution 
Reference: https:/www.imperva.com/learn/data-security/data-loss-prevention-dlp/ 
The best way tagS¥otect the data from leaking is to install a DLP solution. A DLP (Data 
Loss Prevention) solution is a software that helps businesses prevent confidential 
data from being leaked or stolen by unauthorized parties. A DLP solution can identify, 
monitor, and protect data as it moves across networks and devices, such as 
endpoints, email, web, cloud applications, or removable media. A DLP solution can 
also enforce security policies based on content and context for data in use, in motion, 
and at rest. A DLP solution can detect and prevent data breaches by using various 
techniques, such as content inspection, contextual analysis, encryption, blocking, 
alerting, warning, quarantining, or other remediation actions. 


91.A server administrator needs to create a new folder on a file server that only 


specific users can access. 

Which of the following BEST describes how the server administrator can accomplish 
this task? 

A. Create a group that includes all users and assign it to an ACL. 

B. Assign individual permissions on the folder to each user. 

C. Create a group that includes all users and assign the proper permissions. 

D. Assign ownership on the folder for each user. 

Answer: A 


92.A technician has received multiple reports of issues with a server. The server 
occasionally has a BSOD, powers off unexpectedly, and has fans that run 
continuously. 

Which of the following BEST represents what the technician shoulggestigat during 
troubleshooting? 

A. Firmware incompatibility 
B. CPU overheating 

C. LED indicators ar 
D. ESD issues < 
Answer: B © 
Explanation: 
Unexpected shutdowns. If the system is rangofly shutting down or rebooting, the 
most likely cause is a heat problem. «9 

Reference: Θ 

ο αλ. 


Φ 


Pu 


93.Which of the following Ta a systems administrator implement to ensure all web 
traffic is secure? E 

A. SSH e? 

B. SSL Κι 

C. SMTP ee 

D. PGP 2 

Answer: B 

Explanation: 

Secure Sockets Layer (SSL): SSL and its successor Transport Layer Security (TLS) 
enable client and server computers to establish a secure connection session and 
manage encryption and decryption activities. 

Reference: https://paginas.fe.up.pt/~als/mis10e/ch8/chpt8-4bullettext.htm 


94.An administrator is configuring a server to communicate with a new storage array. 
To do so, the administrator enters the WWPN of the new array in the server’s storage 


configuration. 

Which of the following technologies is the new connection using? 
A. iSCSI 

B. eSATA 

C.NFS 

D. FcoE 

Answer: D 


95.HOTSPOT 

A systems administrator deployed a new web proxy server onto the network. The 

proxy server has two interfaces: the first is connected to an internal corporate firewall, 

and the second is connected to an internet-facing firewall. Many pee the 
company are reporting they are unable to access the Internet since new proxy 

was introduced. Analyze the network diagram and the proxy sengr s host routing 


table to resolve the Internet connectivity issues. πο © 
9 
INSTRUCTIONS 
Perform the following steps: ο 
96. Click on the proxy server to display its routing able. 
g? 


97. Modify the appropriate route entries towesolve the Internet connectivity issue. 
If at any time you would like to bring bagk'the initial state of the simulation, please 
click the Reset All button. oe 
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Proxy Server Routing Table 


Destination Netmask 


0.0.0.0 0.0.0.0 
192.168.1.0 255.255.255.0 
Φ 


Answer: 


Gateway 


192.168.3.0 
192.168.4.0 
192.168.1.1 
192.168.2.0 
192.168.1.0 
192.168.4.1 
192.168.2.1 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.2.2 


192.168.3.0 
192.168.4.0 
192.168.1.1 
192.168.2.0 
192.168.1.0 
192.168.4.1 
192.168.2.1 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.2.2 


Interface 


192.168.4.1 
192.168.1.1 
192.168.3.0 
192.168.1.0 
192.168.2.2 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.4.0 
192.168.2.1 
192.168.2.0 


192.168.4.1 
192.168.1.1 
192.168.3.0 
192.168.1.0 
192.168.2.2 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.4.0 
192.168.2.1 
192.168.2.0 


Destination 


192.168.1.0 


Netmask 


255.255.255.0 


Gateway 


192.168.3.0 
192.168.4.0 
192.168.1.1 
192.168.2.0 
192.168.1.0 
192.168.4.1 
192.168.2.1 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.2.2 


192.168.3.0 
192.168.4.0 
192.168.1.1 
192.168.2.0 
192.168.1.0 
192.168.4.1 
192.168.2.1 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.2.2 


Interface 


192.168.4.1 
192.168.1.1 
192.168.3.0 
192.168.1.0 
192.168.2.2 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.4.0 
192.168.2.1 
192.168.2.0 


192.168.4.1 
192.168.1.1 
192.168.3.0 
192.168.1.0 
192.168.2.2 
0.0.0.0 

192.168.3.1 


255.255.255.0 


192.168.3.2 
192.168.4.0 
192.168.2.1 
192.168.2.0 


98.A systems administrator needs to configure a new server and external storage for 
a new production application environment. 

Based on end-user specifications, the new solution needs to adhere to the following 
basic requirements: 


99. The OS must be installed in a separate disk partition. In case of hard drive failure, 
it cannot be affected. 


100. Application data IOPS performance is a must. 


101. Data availability is a high priority, even in the case of multiple hard drive failures. 


Which of the following are the BEST options to comply with the user requirements? 
(Choose three.) 

A. Install the OS on a RAID 0 array. 

B. Install the OS on a RAID 1 array. 

C. Configure RAID 1 for the application data. 

D. Configure RAID 5 for the application data. 

E. Use SSD hard drives for the data application array. 

F. Use SATA hard drives for the data application array. 

G. Use a single JBOD for OS and application data. 

Answer: BDE 

Explanation: 

To comply with the user requirements, the best options are to install the OS ona 
RAID 1 array, configure RAID 5 for the application data, and use SSD pard drives for 
the data application array. ο 

Here is why: ορ 

RAID 1 is a mirroring technique that creates an exact copy of data on two disks. This 
provides redundancy and fault tolerance in case of hard driv@ failure. RAID 1 also 
improves read performance since either disk can be re t the same time. 
Therefore, installing the OS on a RAID 1 array meets,fie first requirement of 
separating the OS from the application data and protecting it from hard drive failure. 
RAID 5 is a striping technique with parity that distributes data and parity blocks across 
three or more disks. This provides improved getformance and storage efficiency 
compared to RAID 1, as well as fault tolerafice in case of a single disk failure. 
Therefore, configuring RAID 5 for the application data meets the second and third 
requirements of providing high lOPSerformance and data availability. 

SSD hard drives are solid-state drf¥es that use flash memory to store data. They have 
no moving parts and offer fas efread and write speeds, lower latency, and lower 
power consumption than tragi ional HDDs. Therefore, using SSD hard drives for the 
data application array mests the second requirement of providing high IOPS 
performance. ᾳ΄ 

Reference: https://ghdenixnap.com/kb/raid-levels-and-types 
https://en.wikipaga.org/wiki/Standard_RAID_levels 


102.A server technician installs a new NIC on a server and configures the NIC for IP 
connectivity. The technician then tests the connection using the ping command. 
Given the following partial output of the ping and ipconfig commands: 


ipconfig /all 


IPv4 address: 192.168.1.5 
Subnet mask: 255.255.255.090 
Default gateway: 192.168.1.1 


pinging 192.168.1.1 with 32 bytes of data: 


Request timed out 
Reply from 192.168.1.1: bytes=32 time<lms TTL=128 
Request timed out 
Reply from 192.168.1.1: bytes=32 time<lms TTL=128 


Which of the following caused the issue? x 
A. Duplicate IP address PP 
s 

B. Incorrect default gateway <| 
C. DHCP misconfiguration ο 
D. Incorrect routing table we? 
Answer: A Φ 

Φ 
Explanation: o 
The ping command output shows that thesNIC has an IP address of 192.168.1.100 
and a default gateway of 192.168.1 1, Blowever, when the technician tries to ping the 
default gateway, the reply comes gern another IP address: 192.168.1.101. This 
means that there is another device on the network that has the same IP address as 
the default gateway, and it is¢#&sponding to the ping request instead of the intended 
destination. ee 
A duplicate IP address géh cause network connectivity problems, such as packet 
loss, routing errors, οἱ Unreachable hosts. To resolve this issue, the technician should 
either change th address of the default gateway or the device that is conflicting 
with it, or use DACP to assign IP addresses automatically and avoid conflicts. 
The other options are not correct because they do not explain the ping output. An 
incorrect default gateway would cause no reply or a destination unreachable 
message, not a reply from a different IP address. A DHCP misconfiguration would 
cause an invalid or no IP address on the NIC, not a duplicate IP address on the 
network. An incorrect routing table would cause routing errors or unreachable 
destinations, not a reply from a different IP address. 
Reference: https://askleo.com/what_is_ping_and_what_does its output_tell_me/http 
s://learn.microsoft.com/en-us/windows-server/administration/windows-commands/ping 


103.A server administrator is swapping out the GPU card inside a server. 

Which of the following actions should the administrator take FIRST? 

A. Inspect the GPU that is being installed. 

B. Ensure the GPU meets HCL guidelines. 

C. Shut down the server. 

D. Disconnect the power from the rack. 

Answer: C 

Explanation: 

The first action that the administrator should take before swapping out the GPU card 
inside a server is to shut down the server. This is to ensure that the server is not 
running any processes that might be using the GPU card, and to prevent any damage 
to the hardware or data loss due to sudden power loss. Shutting down the server also 
reduces the risk of electrostatic discharge (ESD) that might harm the cemponents. 


Reference: https://ocgearhead.com/installing-a-new-gpu/ ο 
Š 
104.A server administrator must respond to tickets within a Grain amount of time. 
The server administrator needs to adhere to the: s 
A. BIA. os 
B. RTO. Pi 
C. MTTR. 3 
D. SLA. a 
Answer: D xO 
Explanation: D 


The server administrator needs to agere to the Service Level Agreement (SLA) 
when responding to tickets within &certain amount of time. An SLA is a contract 
between a service provider anda customer that defines the quality, availability, and 
responsibilities of the service. An SLA may specify the response time for tickets, as 
well as other metrics sucks uptime, performance, security, and backup frequency. 
Reference: https://wwyfom.com/cloud/learn/service-level-agreements 
S 

ο) 
105.Which οἱ the following relates to how much data loss a company agrees to 
tolerate in the event of a disaster? 
A. RTO 
B. MTBF 
C. PRO 
D. MTTR 
Answer: C 
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